CVE-2010-2744

Name of the Vulnerable Software and Affected Versions Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista versions SP1 through SP2 Microsoft Windows Server 2008 versions Gold through SP2 and R2 Microsoft Windows 7

Description The issue arises from the improper management of a window class by kernel-mode drivers, allowing local users to gain privileges. This can be achieved by creating a window and then modifying the popup menu structure using the SetWindowLongPtr function or using the SwitchWndProc function with a switch window information pointer that is not re-initialized when a WM NCCREATE message is processed. An elevation of privilege vulnerability exists due to the lack of proper validation of window class data by the Windows kernel-mode drivers, potentially allowing an attacker to run arbitrary code in kernel mode.

Recommendations For Microsoft Windows XP versions SP2 through SP3, update to a version that properly manages window classes. For Microsoft Windows Server 2003 version SP2, update to a version that properly validates window class data. For Microsoft Windows Vista versions SP1 through SP2, update to a version that correctly handles window class management. For Microsoft Windows Server 2008 versions Gold through SP2 and R2, update to a version that properly manages window classes. For Microsoft Windows 7, update to a version that properly validates window class data.